Vulnerabilities > Webassembly Virtual Machine Project

DATE CVE VULNERABILITY TITLE RISK
2018-09-21 CVE-2018-17293 NULL Pointer Dereference vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
An issue was discovered in WAVM before 2018-09-16.
6.8
2018-09-21 CVE-2018-17292 Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
An issue was discovered in WAVM before 2018-09-16.
4.3
2018-09-10 CVE-2018-16770 Unspecified vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because a certain new_allocator allocate call fails.
6.8
2018-09-10 CVE-2018-16769 Unspecified vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled.
6.8
2018-09-10 CVE-2018-16768 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end.
6.8
2018-09-10 CVE-2018-16767 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand.
6.8
2018-09-10 CVE-2018-16766 Always-Incorrect Control Flow Implementation vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached.
6.8
2018-09-10 CVE-2018-16765 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_.
6.8
2018-09-10 CVE-2018-16764 Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine
In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read.
6.8